Check your domain's reputation now

Paste any domain. Scorifya checks the domain's mail servers against major email blocklists and asks Google Safe Browsing whether the site is flagged as dangerous.

Free tool

Domain reputation checker — blocklist and Safe Browsing test

Reputation problems are invisible until they cost you. A sending IP on an email blocklist quietly sends your invoices and password resets to spam, and a Safe Browsing flag puts a full-page red warning in front of most of your visitors. Both can happen without any change you made, from a compromise, a noisy shared host, or abuse before you owned the address.

Paste a domain (or any URL, Scorifya extracts the apex). The checker resolves the domain's mail servers, checks each IP against major email blocklists, and asks Google Safe Browsing whether the site is flagged for malware or phishing. Reputation sits inside the broader 0 to 100 hardening score alongside TLS, headers, and email authentication.

This page is written for people searching for domain reputation checker—same tool as the homepage, with context for that query.

How we differ from deep TLS graders, browser-focused posture tools, and header-only checkers: read the comparison.

Example results

Illustrative snapshots of what a report can look like—paste your URL above for a live score on your site.

Example A — a mail IP is on a blocklist

74Fair

One of the domain's sending IPs is listed on an email blocklist, so a share of legitimate mail is being refused or sent to spam.

A mail IP for this domain is on an email blocklist
Find the cause (a compromised mailbox, an open form sending spam, a bad shared host), fix it, then request delisting from each blocklist.
Safe Browsing: clean
Google Safe Browsing does not currently flag this site for malware or phishing.

Example B — clean reputation

92Good

No sending IPs on the checked blocklists and no Safe Browsing flag. A healthy reputation that supports good deliverability.

Blocklists: clean
None of the domain's mail IPs appeared on the checked blocklists at scan time.
Safe Browsing: clean
The site is not flagged as dangerous, so visitors reach it without a browser warning.

How to improve your score

Fix the root cause before requesting delisting
A delisting that doesn't address why you were listed gets reversed. Rotate compromised credentials, close open forms and scripts that send mail, and move off a bad shared IP first.
Request delisting from each blocklist that names you
Most blocklists publish a self-service removal form. Submit one per list, and keep your sending volume clean while the request is reviewed.
Authenticate your mail with SPF, DKIM, and DMARC
Clearly authenticated mail is easier to keep out of blocklists and speeds delisting. Use the email authentication analyzer to see exactly what to publish.
Treat a Safe Browsing flag as a likely compromise
Review recent file changes, injected scripts, and unknown admin users. Remove the malicious content, close the entry point, then request a review through Search Console.
Re-check after every fix
Reputation changes over time. Re-run the check after remediation and after any change to where your mail or site is hosted.

For weights and penalties behind each category, see How Scorifya works.

Learn the concepts

Background explainers for what this tool checks.

DMARC, SPF, and DKIM explained

Frequently asked questions

What does the reputation checker actually look up?

It resolves the domain's mail servers (the apex A record and the MX hosts), checks each IP against a curated set of email blocklists, and queries Google Safe Browsing for the site URL. It does not send email or log in anywhere.

Which blocklists do you check?

A small curated set of widely used email blocklists, including Spamhaus, SpamCop, Barracuda, and SORBS. The list is intentionally focused rather than exhaustive.

Why does it sometimes say a result is inconclusive?

Some blocklists rate-limit or refuse lookups from shared resolvers and answer with an error code instead of a real result. We treat anything that isn't a definitive listing as inconclusive, so you never see a false 'you're on a blocklist'.

My site is flagged by Safe Browsing. What do I do?

Treat it as a possible compromise. Find and remove the malicious or phishing content, close the vulnerability that allowed it, then request a review through Google Search Console. Warnings usually clear within a day or two of a successful review.

Does a clean result mean my email always lands in the inbox?

No. Blocklist status is one important input to deliverability, but inbox placement also depends on authentication, sending history, content, and each receiver's own filters. A clean reputation removes one major obstacle.

More detail on limits and billing: FAQ.

How to interpret the results

TLS, HTTPS & redirects
Valid certificates, modern TLS, and clean HTTP→HTTPS upgrades. We also probe whether legacy TLS 1.0/1.1 are still accepted.
Security headers
CSP, HSTS, and related headers reduce common browser-side attack surfaces and clickjacking risk.
DNS & email (passive)
SPF, DMARC, a few DKIM selectors, MX, and whether common subdomains resolve publicly—without port scanning.
Hygiene signals
Verbose server banners and risky defaults can raise your attack surface and erode trust.
Not a vulnerability scan
Scorifya checks public configuration signals; it does not attempt exploitation, port scans, or authenticated crawling.

Next steps

If you're iterating on headers or deploying changes, you'll likely run multiple checks as you tighten config. When you're ready, Scorifya Pro removes scan limits and unlocks JSON/CSV/PDF exports.

Loading…